Merge pull request #8565 from sfayer/check_passwd

fstagni · web-flow · commit cc22f947b781 · 2026-06-05T09:49:11.000+02:00
[int] Check for hardcoded passwords
diff --git a/src/DIRAC/Core/DISET/TransferClient.py b/src/DIRAC/Core/DISET/TransferClient.py
@@ -40,7 +40,7 @@ def _sendTransferHeader(self, actionName, fileInfo):
             self._disconnect(trid)
             return S_ERROR(f"Cound not request transfer: {str(e)}")
 
-    def sendFile(self, filename, fileId, token=""):
+    def sendFile(self, filename, fileId, token=""):  # nosec B107
         """
         Send a file to server
 
@@ -74,7 +74,7 @@ def sendFile(self, filename, fileId, token=""):
             fileHelper.oFile.close()
             self._disconnect(trid)
 
-    def receiveFile(self, filename, fileId, token=""):
+    def receiveFile(self, filename, fileId, token=""):  # nosec B107
         """
         Receive a file from the server
 
@@ -117,7 +117,7 @@ def __checkFileList(self, fileList):
                 bogusEntries.append(entry)
         return bogusEntries
 
-    def sendBulk(self, fileList, bulkId, token="", compress=True, bulkSize=-1, onthefly=True):
+    def sendBulk(self, fileList, bulkId, token="", compress=True, bulkSize=-1, onthefly=True):  # nosec B107
         """
         Send a bulk of files to server
 
@@ -154,7 +154,7 @@ def sendBulk(self, fileList, bulkId, token="", compress=True, bulkSize=-1, onthe
         finally:
             self._disconnect(trid)
 
-    def receiveBulk(self, destDir, bulkId, token="", compress=True):
+    def receiveBulk(self, destDir, bulkId, token="", compress=True):  # nosec B107
         """
         Receive a bulk of files from server
 
@@ -188,7 +188,7 @@ def receiveBulk(self, destDir, bulkId, token="", compress=True):
         finally:
             self._disconnect(trid)
 
-    def listBulk(self, bulkId, token="", compress=True):
+    def listBulk(self, bulkId, token="", compress=True):  # nosec B107
         """
         List the contents of a bulk
 
diff --git a/src/DIRAC/Core/Utilities/MySQL.py b/src/DIRAC/Core/Utilities/MySQL.py
@@ -504,7 +504,7 @@ class MySQL:
 
     __connectionPools = {}
 
-    def __init__(self, hostName="localhost", userName="dirac", passwd="dirac", dbName="", port=3306, debug=False):
+    def __init__(self, hostName="localhost", userName="dirac", passwd=None, dbName="", port=3306, debug=False):
         """
         set MySQL connection parameters and try to connect
 
diff --git a/src/DIRAC/FrameworkSystem/private/authorization/utils/Tokens.py b/src/DIRAC/FrameworkSystem/private/authorization/utils/Tokens.py
@@ -182,7 +182,7 @@ def groups(self):
         """
         return [s.split(":")[1] for s in self.scopes if s.startswith("g:") and s.split(":")[1]]
 
-    def get_payload(self, token_type="access_token"):
+    def get_payload(self, token_type="access_token"):  # nosec B107
         """Decode token
 
         :param str token_type: token type
@@ -196,7 +196,7 @@ def get_payload(self, token_type="access_token"):
             options=dict(verify_signature=False, verify_exp=False, verify_aud=False, verify_nbf=False),
         )
 
-    def get_claim(self, claim, token_type="access_token"):
+    def get_claim(self, claim, token_type="access_token"):  # nosec B107
         """Get token claim without verification
 
         :param str attr: attribute
diff --git a/src/DIRAC/WorkloadManagementSystem/Service/TornadoSandboxStoreHandler.py b/src/DIRAC/WorkloadManagementSystem/Service/TornadoSandboxStoreHandler.py
@@ -20,5 +20,5 @@ def initializeRequest(self):
     def export_streamFromClient(self, fileId, token, fileSize, data):
         return self._getFromClient(fileId, token, fileSize, data=data)
 
-    def export_streamToClient(self, fileId, token=""):
+    def export_streamToClient(self, fileId, token=""):  # nosec B107
         return self._sendToClient(fileId, token, raw=True)
